static void gen_des_key_56_112_168()
{
printf(" #### gen_des_key_56_112_168 ####\n");
TEE_Result ret;
TEE_ObjectHandle des;
TEE_ObjectHandle des3_112;
TEE_ObjectHandle des3_168;
/* des */
ret = TEE_AllocateTransientObject(TEE_TYPE_DES, 56, &des);
if (ret != TEE_SUCCESS) {
printf("Fail: des alloc\n");
goto err;
}
ret = TEE_GenerateKey(des, 56, NULL, 0);
if (ret != TEE_SUCCESS) {
printf("Fail: gen des\n");
goto err;
}
/* des3 112 */
ret = TEE_AllocateTransientObject(TEE_TYPE_DES3, 112, &des3_112);
if (ret != TEE_SUCCESS) {
printf("Fail: des3_112 alloc\n");
goto err;
}
ret = TEE_GenerateKey(des3_112, 112, NULL, 0);
if (ret != TEE_SUCCESS) {
printf("Fail: gen des3_112\n");
goto err;
}
/* des3 168 */
ret = TEE_AllocateTransientObject(TEE_TYPE_DES3, 168, &des3_168);
if (ret != TEE_SUCCESS) {
printf("Fail: des3_168 alloc\n");
goto err;
}
ret = TEE_GenerateKey(des3_168, 168, NULL, 0);
if (ret != TEE_SUCCESS) {
printf("Fail: gen des3_168\n");
goto err;
}
err:
TEE_FreeTransientObject(des);
TEE_FreeTransientObject(des3_112);
TEE_FreeTransientObject(des3_168);
}
static void gen_rsa_key_pair_and_save_read()
{
printf(" #### gen_rsa_key_pair_and_save_read ####\n");
TEE_Result ret;
TEE_ObjectHandle handler;
TEE_ObjectHandle handler2;
size_t key_size = 512;
char objID[] = "56c5d1b260704de30fe7af67e5b9327613abebe6172a2b4e949d84b8e561e2fb";
size_t objID_len = 64;
uint32_t flags = 0xffffffff ^ TEE_DATA_FLAG_EXCLUSIVE;
void * data;
size_t data_len = 12;
data = malloc(data_len);
if (data == NULL)
goto err;
RAND_bytes(data, data_len);
ret = TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, key_size, &handler);
if (ret == TEE_ERROR_OUT_OF_MEMORY) {
printf("Fail: no mem\n");
goto err;
}
if (ret == TEE_ERROR_NOT_SUPPORTED) {
printf("Fail: no sup\n");
goto err;
}
ret = TEE_GenerateKey(handler, key_size, NULL, 0);
if (ret != TEE_SUCCESS) {
printf("Fail: bad para\n");
goto err;
}
ret = TEE_CreatePersistentObject(TEE_STORAGE_PRIVATE, (void *)objID,
objID_len, flags, handler, data, data_len, NULL);
if (ret != TEE_SUCCESS) {
printf("Fail: per creation\n");
goto err;
}
ret = TEE_OpenPersistentObject(TEE_STORAGE_PRIVATE, (void *)objID,
objID_len, flags, &handler2);
if (ret != TEE_SUCCESS) {
printf("Fail: per open\n");
goto err;
}
err:
TEE_FreeTransientObject(handler);
TEE_CloseAndDeletePersistentObject(handler2);
free(data);
}
static void gen_rsa_key_pair_and_copy_public()
{
printf(" #### gen_rsa_key_pair_and_copy_public ####\n");
TEE_Result ret;
TEE_ObjectHandle rsa_keypair;
TEE_ObjectHandle rsa_pubkey;
size_t key_size = 512;
ret = TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, key_size, &rsa_keypair);
if (ret == TEE_ERROR_OUT_OF_MEMORY) {
printf("Fail: no mem\n");
goto err;
}
if (ret == TEE_ERROR_NOT_SUPPORTED) {
printf("Fail: no sup\n");
goto err;
}
ret = TEE_AllocateTransientObject(TEE_TYPE_RSA_PUBLIC_KEY, key_size, &rsa_pubkey);
if (ret == TEE_ERROR_OUT_OF_MEMORY) {
printf("Fail: no mem\n");
goto err;
}
if (ret == TEE_ERROR_NOT_SUPPORTED) {
printf("Fail: no sup\n");
goto err;
}
ret = TEE_GenerateKey(rsa_keypair, key_size, NULL, 0);
if (ret != TEE_SUCCESS) {
printf("Fail: bad para\n");
goto err;
}
TEE_CopyObjectAttributes(rsa_pubkey, rsa_keypair);
err:
TEE_FreeTransientObject(rsa_keypair);
TEE_FreeTransientObject(rsa_pubkey);
}
static void popu_rsa_pub_key()
{
printf(" #### popu_rsa_pub_key ####\n");
TEE_Result ret;
TEE_ObjectHandle rsa_pubkey;
size_t key_size = 512;
TEE_Attribute *params;
size_t param_count = 2;
ret = TEE_AllocateTransientObject(TEE_TYPE_RSA_PUBLIC_KEY, key_size, &rsa_pubkey);
if (ret == TEE_ERROR_OUT_OF_MEMORY) {
printf("Fail: no mem\n");
goto err;
}
if (ret == TEE_ERROR_NOT_SUPPORTED) {
printf("Fail: no sup\n");
goto err;
}
params = TEE_Malloc(param_count * sizeof(TEE_Attribute), 0);
if (params == NULL)
goto err;
// modulo
params[0].attributeID = TEE_ATTR_RSA_MODULUS;
params[0].content.ref.buffer = TEE_Malloc(KEY_IN_BYTES(key_size), 0);
if (params[0].content.ref.buffer == NULL)
goto err;
RAND_bytes(params[0].content.ref.buffer, KEY_IN_BYTES(key_size));
params[0].content.ref.length = KEY_IN_BYTES(key_size);
// pub exp
params[1].attributeID = TEE_ATTR_RSA_PUBLIC_EXPONENT;
params[1].content.ref.buffer = TEE_Malloc(KEY_IN_BYTES(key_size), 0);
if (params[1].content.ref.buffer == NULL)
goto err;
RAND_bytes(params[1].content.ref.buffer, KEY_IN_BYTES(key_size));
params[1].content.ref.length = KEY_IN_BYTES(key_size);
ret = TEE_PopulateTransientObject(rsa_pubkey, params, param_count);
if (ret != TEE_SUCCESS) {
printf("Fail: popu\n");
goto err;
}
err:
free_attr(params, param_count);
free(params);
TEE_FreeTransientObject(rsa_pubkey);
}
static void gen_RSA_per_obj_with_data(TEE_ObjectHandle *gen_obj, size_t data_len)
{
TEE_Result ret;
TEE_ObjectHandle handler;
size_t key_size = 512;
void *ID = NULL;
size_t ID_len = 30;
uint32_t flags = 0xffffffff ^ TEE_DATA_FLAG_EXCLUSIVE;
void * init_data;
init_data = malloc(data_len);
if (init_data == NULL) {
printf("Fail: gen_rand_data_obj(inti_data mem)\n");
goto err;
}
RAND_bytes(init_data, data_len);
ID = malloc(ID_len);
if (ID == NULL) {
printf("Fail: gen_rand_data_obj(ID mem)\n");
goto err;
}
RAND_bytes(ID, ID_len);
ret = TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, key_size, &handler);
if (ret != TEE_SUCCESS) {
printf("Fail: gen_RSA_per_obj_with_data(alloc)\n");
goto err;
}
ret = TEE_GenerateKey(handler, key_size, NULL, 0);
if (ret != TEE_SUCCESS) {
printf("Fail: gen_RSA_per_obj_with_data(gen key)\n");
goto err;
}
ret = TEE_CreatePersistentObject(TEE_STORAGE_PRIVATE, ID, ID_len, flags, handler,
init_data, data_len, gen_obj);
if (ret != TEE_SUCCESS) {
printf("Fail: gen_RSA_per_obj_with_data(per create)\n");
goto err;
}
err:
TEE_FreeTransientObject(handler);
free(ID);
free(init_data);
}
TEE_Result ta_entry_allocate_transient_object(uint32_t param_type,
TEE_Param params[4])
{
TEE_Result res;
TEE_ObjectHandle o;
ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
(TEE_PARAM_TYPE_VALUE_INPUT,
TEE_PARAM_TYPE_VALUE_OUTPUT, TEE_PARAM_TYPE_NONE,
TEE_PARAM_TYPE_NONE));
res =
TEE_AllocateTransientObject(params[0].value.a, params[0].value.b,
&o);
if (res == TEE_SUCCESS)
params[1].value.a = (uint32_t) o;
return res;
}
TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation,
uint32_t algorithm, uint32_t mode,
uint32_t maxKeySize)
{
TEE_Result res;
TEE_OperationHandle op = TEE_HANDLE_NULL;
uint32_t handle_state = 0;
size_t block_size = 1;
uint32_t req_key_usage;
bool with_private_key = false;
bool buffer_two_blocks = false;
if (!operation)
TEE_Panic(0);
if (algorithm == TEE_ALG_AES_XTS)
handle_state = TEE_HANDLE_FLAG_EXPECT_TWO_KEYS;
/* Check algorithm max key size */
switch (algorithm) {
case TEE_ALG_DSA_SHA1:
if (maxKeySize < 512)
return TEE_ERROR_NOT_SUPPORTED;
if (maxKeySize > 1024)
return TEE_ERROR_NOT_SUPPORTED;
if (maxKeySize % 64 != 0)
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_DSA_SHA224:
if (maxKeySize != 2048)
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_DSA_SHA256:
if (maxKeySize != 2048 && maxKeySize != 3072)
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_ECDSA_P192:
case TEE_ALG_ECDH_P192:
if (maxKeySize != 192)
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_ECDSA_P224:
case TEE_ALG_ECDH_P224:
if (maxKeySize != 224)
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_ECDSA_P256:
case TEE_ALG_ECDH_P256:
if (maxKeySize != 256)
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_ECDSA_P384:
case TEE_ALG_ECDH_P384:
if (maxKeySize != 384)
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_ECDSA_P521:
case TEE_ALG_ECDH_P521:
if (maxKeySize != 521)
return TEE_ERROR_NOT_SUPPORTED;
break;
default:
break;
}
/* Check algorithm mode */
switch (algorithm) {
case TEE_ALG_AES_CTS:
case TEE_ALG_AES_XTS:
buffer_two_blocks = true;
/*FALLTHROUGH*/ case TEE_ALG_AES_ECB_NOPAD:
case TEE_ALG_AES_CBC_NOPAD:
case TEE_ALG_AES_CTR:
case TEE_ALG_AES_CCM:
case TEE_ALG_AES_GCM:
case TEE_ALG_DES_ECB_NOPAD:
case TEE_ALG_DES_CBC_NOPAD:
case TEE_ALG_DES3_ECB_NOPAD:
case TEE_ALG_DES3_CBC_NOPAD:
if (TEE_ALG_GET_MAIN_ALG(algorithm) == TEE_MAIN_ALGO_AES)
block_size = TEE_AES_BLOCK_SIZE;
else
block_size = TEE_DES_BLOCK_SIZE;
if (mode == TEE_MODE_ENCRYPT)
req_key_usage = TEE_USAGE_ENCRYPT;
else if (mode == TEE_MODE_DECRYPT)
req_key_usage = TEE_USAGE_DECRYPT;
else
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
case TEE_ALG_DSA_SHA1:
case TEE_ALG_DSA_SHA224:
case TEE_ALG_DSA_SHA256:
case TEE_ALG_ECDSA_P192:
case TEE_ALG_ECDSA_P224:
case TEE_ALG_ECDSA_P256:
case TEE_ALG_ECDSA_P384:
case TEE_ALG_ECDSA_P521:
if (mode == TEE_MODE_SIGN) {
with_private_key = true;
req_key_usage = TEE_USAGE_SIGN;
} else if (mode == TEE_MODE_VERIFY) {
req_key_usage = TEE_USAGE_VERIFY;
} else {
return TEE_ERROR_NOT_SUPPORTED;
}
break;
case TEE_ALG_RSAES_PKCS1_V1_5:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
if (mode == TEE_MODE_ENCRYPT) {
req_key_usage = TEE_USAGE_ENCRYPT;
} else if (mode == TEE_MODE_DECRYPT) {
with_private_key = true;
req_key_usage = TEE_USAGE_DECRYPT;
} else {
return TEE_ERROR_NOT_SUPPORTED;
}
break;
case TEE_ALG_RSA_NOPAD:
if (mode == TEE_MODE_ENCRYPT) {
req_key_usage = TEE_USAGE_ENCRYPT | TEE_USAGE_VERIFY;
} else if (mode == TEE_MODE_DECRYPT) {
with_private_key = true;
req_key_usage = TEE_USAGE_DECRYPT | TEE_USAGE_SIGN;
} else {
return TEE_ERROR_NOT_SUPPORTED;
}
break;
case TEE_ALG_DH_DERIVE_SHARED_SECRET:
case TEE_ALG_ECDH_P192:
case TEE_ALG_ECDH_P224:
case TEE_ALG_ECDH_P256:
case TEE_ALG_ECDH_P384:
case TEE_ALG_ECDH_P521:
case TEE_ALG_HKDF_MD5_DERIVE_KEY:
case TEE_ALG_HKDF_SHA1_DERIVE_KEY:
case TEE_ALG_HKDF_SHA224_DERIVE_KEY:
case TEE_ALG_HKDF_SHA256_DERIVE_KEY:
case TEE_ALG_HKDF_SHA384_DERIVE_KEY:
case TEE_ALG_HKDF_SHA512_DERIVE_KEY:
case TEE_ALG_CONCAT_KDF_SHA1_DERIVE_KEY:
case TEE_ALG_CONCAT_KDF_SHA224_DERIVE_KEY:
case TEE_ALG_CONCAT_KDF_SHA256_DERIVE_KEY:
case TEE_ALG_CONCAT_KDF_SHA384_DERIVE_KEY:
case TEE_ALG_CONCAT_KDF_SHA512_DERIVE_KEY:
case TEE_ALG_PBKDF2_HMAC_SHA1_DERIVE_KEY:
if (mode != TEE_MODE_DERIVE)
return TEE_ERROR_NOT_SUPPORTED;
with_private_key = true;
req_key_usage = TEE_USAGE_DERIVE;
break;
case TEE_ALG_MD5:
case TEE_ALG_SHA1:
case TEE_ALG_SHA224:
case TEE_ALG_SHA256:
case TEE_ALG_SHA384:
case TEE_ALG_SHA512:
if (mode != TEE_MODE_DIGEST)
return TEE_ERROR_NOT_SUPPORTED;
/* v1.1: flags always set for digest operations */
handle_state |= TEE_HANDLE_FLAG_KEY_SET;
req_key_usage = 0;
break;
case TEE_ALG_DES_CBC_MAC_NOPAD:
case TEE_ALG_AES_CBC_MAC_NOPAD:
case TEE_ALG_AES_CBC_MAC_PKCS5:
case TEE_ALG_AES_CMAC:
case TEE_ALG_DES_CBC_MAC_PKCS5:
case TEE_ALG_DES3_CBC_MAC_NOPAD:
case TEE_ALG_DES3_CBC_MAC_PKCS5:
case TEE_ALG_HMAC_MD5:
case TEE_ALG_HMAC_SHA1:
case TEE_ALG_HMAC_SHA224:
case TEE_ALG_HMAC_SHA256:
case TEE_ALG_HMAC_SHA384:
case TEE_ALG_HMAC_SHA512:
if (mode != TEE_MODE_MAC)
return TEE_ERROR_NOT_SUPPORTED;
req_key_usage = TEE_USAGE_MAC;
break;
default:
return TEE_ERROR_NOT_SUPPORTED;
}
op = TEE_Malloc(sizeof(*op), TEE_MALLOC_FILL_ZERO);
if (!op)
return TEE_ERROR_OUT_OF_MEMORY;
op->info.algorithm = algorithm;
op->info.operationClass = TEE_ALG_GET_CLASS(algorithm);
op->info.mode = mode;
op->info.maxKeySize = maxKeySize;
op->info.requiredKeyUsage = req_key_usage;
op->info.handleState = handle_state;
if (block_size > 1) {
size_t buffer_size = block_size;
if (buffer_two_blocks)
buffer_size *= 2;
op->buffer = TEE_Malloc(buffer_size,
TEE_USER_MEM_HINT_NO_FILL_ZERO);
if (op->buffer == NULL) {
res = TEE_ERROR_OUT_OF_MEMORY;
goto out;
}
}
op->block_size = block_size;
op->buffer_two_blocks = buffer_two_blocks;
if (TEE_ALG_GET_CLASS(algorithm) != TEE_OPERATION_DIGEST) {
uint32_t mks = maxKeySize;
TEE_ObjectType key_type = TEE_ALG_GET_KEY_TYPE(algorithm,
with_private_key);
/*
* If two keys are expected the max key size is the sum of
* the size of both keys.
*/
if (op->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS)
mks /= 2;
res = TEE_AllocateTransientObject(key_type, mks, &op->key1);
if (res != TEE_SUCCESS)
goto out;
if (op->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) {
res = TEE_AllocateTransientObject(key_type, mks,
&op->key2);
if (res != TEE_SUCCESS)
goto out;
}
}
res = utee_cryp_state_alloc(algorithm, mode, (unsigned long)op->key1,
(unsigned long)op->key2, &op->state);
if (res != TEE_SUCCESS)
goto out;
/*
* Initialize digest operations
* Other multi-stage operations initialized w/ TEE_xxxInit functions
* Non-applicable on asymmetric operations
*/
if (TEE_ALG_GET_CLASS(algorithm) == TEE_OPERATION_DIGEST) {
res = utee_hash_init(op->state, NULL, 0);
if (res != TEE_SUCCESS)
goto out;
/* v1.1: flags always set for digest operations */
op->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED;
}
op->operationState = TEE_OPERATION_STATE_INITIAL;
*operation = op;
out:
if (res != TEE_SUCCESS) {
if (res != TEE_ERROR_OUT_OF_MEMORY &&
res != TEE_ERROR_NOT_SUPPORTED)
TEE_Panic(0);
if (op) {
if (op->state) {
TEE_FreeOperation(op);
} else {
TEE_Free(op->buffer);
TEE_FreeTransientObject(op->key1);
TEE_FreeTransientObject(op->key2);
TEE_Free(op);
}
}
}
return res;
}
/**
* @brief
*/
void test_storage_api()
{
uint32_t storageID=TEE_OBJECT_STORAGE_PRIVATE,
r_flags=TEE_DATA_FLAG_ACCESS_READ,
w_flags=TEE_DATA_FLAG_ACCESS_WRITE,
rw_flags=(TEE_DATA_FLAG_ACCESS_READ | TEE_DATA_FLAG_ACCESS_WRITE),
a_attribute_val=0x00000005,b_attribute_val=0x00000007,
pop_ret_val,attribute_cnt=0x00000003,seek_ret_val,open_seek_retval,
crt_ret_val,write_ret_val,open_write_retval,read_ret_val,
open_read_retval,open_ret_val,open_delete_retval,allocate1_ret_val,
allocate2_ret_val,rd_trunc_cnt=0x00000000,open_truncate_retval,
trunc_size=0x0000000A,truncate_ret_val,rdtest_truncated_retval,
optest_truncated_retval,rdtest_written_retval,
optest_written_retval,rd_write_cnt=0x00000000,read_cnt=0x00000000,
trunc_cnt=0x00000000,open_rename_retval,de_a,
rd_rename_cnt=0x00000000,optest_renamed_retval,rename_ret_val,
rdtest_renamed_retval,optest_deleted_retval;
typedef signed int int32_t;
int32_t offset=0x00000003;
size_t objectIDLen=0x00000040,read_size=0x0000000F,rd_trunc_size=0x0000000A,
rd_write_size=0x0000002C,rd_rename_size=0x0000000C;
void* open_objectID="/test.dir/test.txt";
void* rename_objectID="/test.dir/new.txt";
void* initialData="This a sierraware created sample initial data\n";
void* create_objectID="/test.dir/crt.txt";
void* read_objectID="/test.dir/read.txt";
void* write_objectID="/test.dir/write.txt";
void* seek_objectID="/test.dir/seek.txt";
void* delete_objectID="/test.dir/delete.txt";
void* trunc_objectID="/test.dir/truncate.txt";
char wrie_buffer[255]={"This a sierraware created sample test string\n"};
char read_buffer[255],rd_trunc_buffer[255],rd_write_buffer[255],
rd_rename_buffer[255];
void* attrsbuffer="This will get populated sometimes in the test fn\n";
void* p_buffer="And finally we tested GP_INTERNAL_STORAGE APP\n";
TEE_ObjectHandle crtattributes;
TEE_ObjectHandle *first_object;
TEE_ObjectHandle *second_object;
TEE_Whence whence;
whence=0x00000000;
sw_printf("-----------Allocating Memory For Create Object--------------\n");
first_object=(TEE_ObjectHandle*)TEE_Malloc(sizeof(TEE_ObjectHandle),0);
sw_printf("-------Allocating Memory For Create Object members----------\n");
allocate1_ret_val=TEE_AllocateTransientObject(TEE_TYPE_AES,0x00000800,
first_object);
sw_printf("the allocate transient function returns value is %x \n",
allocate1_ret_val);
crt_ret_val=TEE_CreatePersistentObject(storageID,create_objectID,
objectIDLen,w_flags,crtattributes,initialData,
(size_t)(sw_strlen((char*)initialData)),first_object);
sw_printf("The create Persistent object funtion \
returns value is %x \n \n",crt_ret_val);
sw_printf("------------Allocating Memory For open Object---------------\n");
second_object=(TEE_ObjectHandle*)TEE_Malloc(sizeof(TEE_ObjectHandle),0);
sw_printf("------------Allocating Memory For open Object members-------\n");
allocate2_ret_val=TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR,
0x00000800,second_object);
sw_printf("the allocate transient function returns value is %x \n",
allocate2_ret_val);
open_ret_val=TEE_OpenPersistentObject(storageID,open_objectID,objectIDLen,
r_flags,second_object);
sw_printf("The open Persistent object funtion returns value is %x \n \n",
open_ret_val);
sw_printf("*****Reset the open object***** \n");
TEE_ResetTransientObject(*second_object);
open_read_retval=TEE_OpenPersistentObject(storageID,read_objectID,
objectIDLen,r_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",open_read_retval);
read_ret_val=TEE_ReadObjectData(*second_object,(void*)&read_buffer,
read_size,&read_cnt);
sw_printf("The Read Persistent funtion returns value is %x \n \n",
read_ret_val);
sw_printf("*****Reset the read object***** \n");
TEE_ResetTransientObject(*second_object);
open_write_retval=TEE_OpenPersistentObject(storageID,write_objectID,
objectIDLen,w_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",open_write_retval);
write_ret_val=TEE_WriteObjectData(*second_object,(void*)&wrie_buffer,
(size_t)(sw_strlen((char*)&wrie_buffer)));
sw_printf("The write Persistent funtion returns value is %x \n \n",
write_ret_val);
sw_printf("*****Reset the write object***** \n");
TEE_ResetTransientObject(*second_object);
optest_written_retval=TEE_OpenPersistentObject(storageID,write_objectID,
objectIDLen,r_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",optest_written_retval);
rdtest_written_retval=TEE_ReadObjectData(*second_object,
(void*)&rd_write_buffer,rd_write_size,
&rd_write_cnt);
sw_printf("The Read Persistent funtion returns value is %x \n \n",
rdtest_written_retval);
sw_printf("******TESTING:write persistent object*******\n");
if(rdtest_written_retval==1) {
sw_printf("SUCCESS \n");
}
else {
sw_printf("FAILURE \n");
}
sw_printf("*****Reset the read object***** \n");
TEE_ResetTransientObject(*second_object);
open_truncate_retval=TEE_OpenPersistentObject(storageID,trunc_objectID,
objectIDLen,w_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",open_truncate_retval);
truncate_ret_val=TEE_TruncateObjectData(*second_object,trunc_size);
sw_printf("The truncate Persistent funtion returns value is %x \n \n",
truncate_ret_val);
sw_printf("*****Reset the truncate object***** \n");
TEE_ResetTransientObject(*second_object);
optest_truncated_retval=TEE_OpenPersistentObject(storageID,trunc_objectID,
objectIDLen,r_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",optest_truncated_retval);
rdtest_truncated_retval=TEE_ReadObjectData(*second_object,
(void*)&rd_trunc_buffer,rd_trunc_size,
&rd_trunc_cnt);
sw_printf("The Read Persistent funtion returns value is %x \n \n",
rdtest_truncated_retval);
sw_printf("******TESTING:truncate persistent object*******\n");
if(rdtest_truncated_retval==1) {
sw_printf("SUCCESS \n");
}
else {
sw_printf("FAILS \n");
}
sw_printf("*****Reset the read object***** \n");
TEE_ResetTransientObject(*second_object);
open_rename_retval=TEE_OpenPersistentObject(storageID,open_objectID,
objectIDLen,rw_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",open_rename_retval);
rename_ret_val=TEE_RenamePersistentObject(*second_object,rename_objectID,
objectIDLen);
sw_printf("The rename Persistent funtion returns value is %x \n \n",
rename_ret_val);
sw_printf("*****Reset the rename object***** \n");
TEE_ResetTransientObject(*second_object);
optest_renamed_retval=TEE_OpenPersistentObject(storageID,rename_objectID,
objectIDLen,r_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",optest_renamed_retval);
rdtest_renamed_retval=TEE_ReadObjectData(*second_object,
(void*)&rd_rename_buffer,rd_rename_size,
&rd_rename_cnt);
sw_printf("The Read Persistent funtion returns value is %x \n \n",
rdtest_renamed_retval);
sw_printf("******TESTING:rename persistent object*******\n");
if(rdtest_renamed_retval==1) {
sw_printf("SUCCESS \n");
}
else {
sw_printf("FAILS \n");
}
sw_printf("*****Reset the read object***** \n");
TEE_ResetTransientObject(*second_object);
open_seek_retval=TEE_OpenPersistentObject(storageID,seek_objectID,
objectIDLen,rw_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",open_seek_retval);
seek_ret_val=TEE_SeekObjectData(*second_object,offset,whence);
sw_printf("The seek Persistent funtion returns value is %x \n \n",
seek_ret_val);
sw_printf("*****Reset the seek object***** \n");
TEE_ResetTransientObject(*second_object);
open_delete_retval=TEE_OpenPersistentObject(storageID,delete_objectID,
objectIDLen,r_flags,second_object);
sw_printf("The open Persistent object funtion returns value is %x \n",
open_delete_retval);
TEE_CloseAndDeletePersistentObject(*second_object);
sw_printf("*****Reset the close object***** \n");
TEE_ResetTransientObject(*second_object);
optest_deleted_retval=TEE_OpenPersistentObject(storageID,delete_objectID,
objectIDLen,r_flags,second_object);
sw_printf("The open Persistent object funtion \
returns value is %x \n \n",optest_deleted_retval);
sw_printf("******TESTING:close and delete persistent object*******\n");
if(optest_deleted_retval!=1) {
sw_printf("SUCCESS \n");
}
else {
sw_printf("FAILS\n");
}
sw_printf("*****Reset the seek object***** \n");
TEE_ResetTransientObject(*second_object);
TEE_Attribute* attref;
attref=(TEE_Attribute*)TEE_Malloc(sizeof(TEE_Attribute),0);
TEE_InitRefAttribute(attref,0x00000001,p_buffer,
(size_t)(sw_strlen((char*)p_buffer)));
TEE_Free((void*)attref);
TEE_Attribute* attval;
attval=(TEE_Attribute*)TEE_Malloc(sizeof(TEE_Attribute),0);
TEE_InitValueAttribute(attval,0x20000000,a_attribute_val,b_attribute_val);
TEE_Free((void*)attval);
TEE_Attribute attributes[3];
attributes[0].attributeID=0x20000000;
attributes[0].content.value.a=0x0000000A;
attributes[0].content.value.b=0x0000000B;
attributes[1].attributeID=0x00000275;
attributes[1].content.ref.length=(size_t)(sw_strlen((char*)attrsbuffer));
attributes[1].content.ref.buffer=TEE_Malloc
(attributes[1].content.ref.length,0);
TEE_MemCpy(attributes[1].content.ref.buffer,attrsbuffer,
(u32)(attributes[1].content.ref.length));
attributes[2].attributeID=0x23425676;
attributes[2].content.value.a=0x0000001E;
attributes[2].content.value.b=0x0000001F;
pop_ret_val=TEE_PopulateTransientObject(*second_object,attributes,
attribute_cnt);
sw_printf("the populate transient function returns value is %x \n",
pop_ret_val);
sw_printf("*****Reset the populate object***** \n");
TEE_ResetTransientObject(*second_object);
TEE_CopyObjectAttributes(*second_object,*first_object);
sw_printf("*****free the create object by call TEE_FreeTransientObject \
fn***** \n");
TEE_FreeTransientObject(*first_object);
sw_printf("*****free the common object by call TEE_FreeTransientObject \
fn***** \n");
TEE_FreeTransientObject(*second_object);
sw_printf("--------------Program Successfully Terminated--------------\n");
}
static void data_stream_write_read()
{
printf(" #### data_stream_write_read ####\n");
TEE_Result ret;
TEE_ObjectHandle handler;
TEE_ObjectHandle per_han;
size_t key_size = 512;
char objID[] = "56c5d1b260704de30fe7af67e5b9327613abebe6172a2b4e949d84b8e561e2fb";
size_t objID_len = 64;
uint32_t flags = 0xffffffff ^ TEE_DATA_FLAG_EXCLUSIVE;
void *write_data = NULL;
void *read_data = NULL;
size_t data_size = 50;
uint32_t count = 0;
write_data = calloc(1, data_size);
if (write_data == NULL)
goto err;
read_data = calloc(1, data_size);
if (read_data == NULL)
goto err;
/* gen random data */
RAND_bytes(write_data, data_size);
ret = TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, key_size, &handler);
if (ret == TEE_ERROR_OUT_OF_MEMORY) {
printf("Fail: no mem\n");
goto err;
}
if (ret == TEE_ERROR_NOT_SUPPORTED) {
printf("Fail: no sup\n");
goto err;
}
ret = TEE_GenerateKey(handler, key_size, NULL, 0);
if (ret != TEE_SUCCESS) {
printf("Fail: bad para\n");
goto err;
}
ret = TEE_CreatePersistentObject(TEE_STORAGE_PRIVATE, (void *)objID, objID_len,
flags, handler, NULL, 0, &per_han);
if (ret != TEE_SUCCESS) {
printf("Fail: per creation\n");
goto err;
}
ret = TEE_WriteObjectData(per_han, write_data, data_size);
if (ret != TEE_SUCCESS) {
printf("Fail: per write\n");
goto err;
}
ret = TEE_SeekObjectData(per_han, 0, TEE_DATA_SEEK_SET);
if (ret != TEE_SUCCESS) {
printf("Fail: per seek\n");
goto err;
}
ret = TEE_ReadObjectData(per_han, read_data, data_size, &count);
if (ret != TEE_SUCCESS) {
printf("Fail: per read\n");
goto err;
}
err:
TEE_CloseAndDeletePersistentObject(per_han);
TEE_CloseObject(handler);
free(write_data);
free(read_data);
}
TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation,
uint32_t algorithm, uint32_t mode,
uint32_t maxKeySize)
{
TEE_Result res;
TEE_OperationHandle op = TEE_HANDLE_NULL;
uint32_t handle_state = 0;
size_t block_size = 1;
uint32_t req_key_usage;
bool with_private_key = false;
bool buffer_two_blocks = false;
if (operation == NULL)
TEE_Panic(0);
if (algorithm == TEE_ALG_AES_XTS)
handle_state = TEE_HANDLE_FLAG_EXPECT_TWO_KEYS;
switch (algorithm) {
case TEE_ALG_AES_CTS:
case TEE_ALG_AES_XTS:
buffer_two_blocks = true;
/*FALLTHROUGH*/ case TEE_ALG_AES_ECB_NOPAD:
case TEE_ALG_AES_CBC_NOPAD:
case TEE_ALG_AES_CTR:
case TEE_ALG_AES_CCM:
case TEE_ALG_AES_GCM:
case TEE_ALG_DES_ECB_NOPAD:
case TEE_ALG_DES_CBC_NOPAD:
case TEE_ALG_DES3_ECB_NOPAD:
case TEE_ALG_DES3_CBC_NOPAD:
if (TEE_ALG_GET_MAIN_ALG(algorithm) == TEE_MAIN_ALGO_AES)
block_size = TEE_AES_BLOCK_SIZE;
else
block_size = TEE_DES_BLOCK_SIZE;
if (mode == TEE_MODE_ENCRYPT)
req_key_usage = TEE_USAGE_ENCRYPT;
else if (mode == TEE_MODE_DECRYPT)
req_key_usage = TEE_USAGE_DECRYPT;
else
return TEE_ERROR_NOT_SUPPORTED;
break;
case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
case TEE_ALG_DSA_SHA1:
if (mode == TEE_MODE_SIGN) {
with_private_key = true;
req_key_usage = TEE_USAGE_SIGN;
} else if (mode == TEE_MODE_VERIFY) {
req_key_usage = TEE_USAGE_VERIFY;
} else {
return TEE_ERROR_NOT_SUPPORTED;
}
break;
case TEE_ALG_RSAES_PKCS1_V1_5:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
if (mode == TEE_MODE_ENCRYPT) {
req_key_usage = TEE_USAGE_ENCRYPT;
} else if (mode == TEE_MODE_DECRYPT) {
with_private_key = true;
req_key_usage = TEE_USAGE_DECRYPT;
} else {
return TEE_ERROR_NOT_SUPPORTED;
}
break;
case TEE_ALG_RSA_NOPAD:
if (mode == TEE_MODE_ENCRYPT) {
req_key_usage = TEE_USAGE_ENCRYPT | TEE_USAGE_VERIFY;
} else if (mode == TEE_MODE_DECRYPT) {
with_private_key = true;
req_key_usage = TEE_USAGE_DECRYPT | TEE_USAGE_SIGN;
} else {
return TEE_ERROR_NOT_SUPPORTED;
}
break;
case TEE_ALG_DH_DERIVE_SHARED_SECRET:
if (mode != TEE_MODE_DERIVE)
return TEE_ERROR_NOT_SUPPORTED;
with_private_key = true;
req_key_usage = TEE_USAGE_DERIVE;
break;
case TEE_ALG_MD5:
case TEE_ALG_SHA1:
case TEE_ALG_SHA224:
case TEE_ALG_SHA256:
case TEE_ALG_SHA384:
case TEE_ALG_SHA512:
if (mode != TEE_MODE_DIGEST)
return TEE_ERROR_NOT_SUPPORTED;
handle_state |= TEE_HANDLE_FLAG_KEY_SET;
req_key_usage = 0;
break;
case TEE_ALG_DES_CBC_MAC_NOPAD:
case TEE_ALG_AES_CBC_MAC_NOPAD:
case TEE_ALG_AES_CBC_MAC_PKCS5:
case TEE_ALG_AES_CMAC:
case TEE_ALG_DES_CBC_MAC_PKCS5:
case TEE_ALG_DES3_CBC_MAC_NOPAD:
case TEE_ALG_DES3_CBC_MAC_PKCS5:
case TEE_ALG_HMAC_MD5:
case TEE_ALG_HMAC_SHA1:
case TEE_ALG_HMAC_SHA224:
case TEE_ALG_HMAC_SHA256:
case TEE_ALG_HMAC_SHA384:
case TEE_ALG_HMAC_SHA512:
if (mode != TEE_MODE_MAC)
return TEE_ERROR_NOT_SUPPORTED;
req_key_usage = TEE_USAGE_MAC;
break;
default:
return TEE_ERROR_NOT_SUPPORTED;
}
op = TEE_Malloc(sizeof(*op), 0);
if (op == NULL)
return TEE_ERROR_OUT_OF_MEMORY;
op->info.algorithm = algorithm;
op->info.operationClass = TEE_ALG_GET_CLASS(algorithm);
op->info.mode = mode;
op->info.maxKeySize = maxKeySize;
op->info.requiredKeyUsage = req_key_usage;
op->info.handleState = handle_state;
if (block_size > 1) {
size_t buffer_size = block_size;
if (buffer_two_blocks)
buffer_size *= 2;
op->buffer =
TEE_Malloc(buffer_size, TEE_USER_MEM_HINT_NO_FILL_ZERO);
if (op->buffer == NULL) {
res = TEE_ERROR_OUT_OF_MEMORY;
goto out;
}
}
op->block_size = block_size;
op->buffer_two_blocks = buffer_two_blocks;
if (TEE_ALG_GET_CLASS(algorithm) != TEE_OPERATION_DIGEST) {
uint32_t mks = maxKeySize;
TEE_ObjectType key_type = TEE_ALG_GET_KEY_TYPE(algorithm,
with_private_key);
/*
* If two keys are expected the max key size is the sum of
* the size of both keys.
*/
if (op->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS)
mks /= 2;
res = TEE_AllocateTransientObject(key_type, mks, &op->key1);
if (res != TEE_SUCCESS)
goto out;
if ((op->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) !=
0) {
res =
TEE_AllocateTransientObject(key_type, mks,
&op->key2);
if (res != TEE_SUCCESS)
goto out;
}
}
res = utee_cryp_state_alloc(algorithm, mode, (uint32_t) op->key1,
(uint32_t) op->key2, &op->state);
if (res != TEE_SUCCESS)
goto out;
/* For multi-stage operation do an "init". */
TEE_ResetOperation(op);
*operation = op;
out:
if (res != TEE_SUCCESS) {
TEE_FreeTransientObject(op->key1);
TEE_FreeTransientObject(op->key2);
TEE_FreeOperation(op);
}
return res;
}
